Problem: adduser --system or addgroup --system refuse to proceed if the name is already provided by a remote directory service for passwd or group. On the next reboot the user or group names cannot be resolved, if the (unrelated!) directory service is not available yet. The system users and groups should be defined locally, independent from the availability of a foreign directory service. Regards Harri
This one time, at band camp, Harald Dunkel said: adduser uses the system nss routines. It's up to the admin of the system to set them up appropriately, sorry. Cheers,
nsswitch.conf does not provide an interface to introduce new group IDs. getent uses nss, but this is a bug report about adduser. Regards Harri
This one time, at band camp, Harald Dunkel said: Sure it does. man putgrent, although you are right, it is file based. adduser does not know about directory services, it calls the system nss routines to determine user and group information, and then it uses the passwd and related commands to manipulate users and groups. If those don't do the right thing with your directory services, then adduser can't help you. Cheers,
Please note - I don't run "adduser --system", but some postinst scripts do. Looking at the official interface to manage packages I am not even supposed to know which system user accounts are created. All I see is that some unrelated system services are not started at boot time, if the remote directory service is not running. - I agree that nsswitch.conf is of no help here. The suggestion of this bug report is to ignore remote directory services. Obviously this implies to bypass nsswitch.conf and to read&write /etc/passwd and the others directly, if --system is set. Regards Harri
Control: tags -1 wontfix thanks Adduser uses useradd to do its work. I don't think it would be wise to special case around the low level tools. Please discuss this with the shadow maintainers, and after they have come up with a fix adduser might follow or not. Please consider refering to the technical committee if you feel strongly about this. Greetings Marc
Control: tags -1 wontfix thanks Adduser uses useradd to do its work. I don't think it would be wise to special case around the low level tools. Please discuss this with the shadow maintainers, and after they have come up with a fix adduser might follow or not. Please consider refering to the technical committee if you feel strongly about this. Greetings Marc
Instead of dropping this bug report with won'tfix after 8 years it would have been appropriate to reassign it to the useradd package immediately. Thanx very much for your help Harri
Instead of dropping this bug report with won'tfix after 8 years it would have been appropriate to reassign it to the useradd package immediately. Thanx very much for your help Harri
Instead of dropping this bug report with won'tfix after 8 years it would have been appropriate to reassign it to the useradd package immediately. Thanx very much for your help Harri
Control: reassign -1 passwd
Control: severity -1 wishlist
Control: tags -1 = wontfix
Reassigning to passwd, which provides the {user,group}{add,mod,del}
commands. The shadow suite of programs deals with local files, but
access is still happening through NSS functions.
If you have configured non-local NSS plugins, you've got to make
sure the setup works as a whole for you.
You are welcome.
Chris
Control: reassign -1 passwd
Control: severity -1 wishlist
Control: tags -1 = wontfix
Reassigning to passwd, which provides the {user,group}{add,mod,del}
commands. The shadow suite of programs deals with local files, but
access is still happening through NSS functions.
If you have configured non-local NSS plugins, you've got to make
sure the setup works as a whole for you.
You are welcome.
Chris